2013-06-03 23:09:54 +02:00
|
|
|
# healthd seclabel is specified in init.rc since
|
|
|
|
# it lives in the rootfs and has no unique file type.
|
2015-11-03 18:54:39 +01:00
|
|
|
type healthd, domain, domain_deprecated;
|
2013-06-03 23:09:54 +02:00
|
|
|
|
Allow /dev/klog access, drop mknod and __null__ access
Allow vold, healthd, slideshow, and watchdogd access to /dev/kmsg.
These processes log to the kernel dmesg ring buffer, so they need
write access to that file.
Addresses the following denials:
avc: denied { write } for pid=134 comm="watchdogd" name="kmsg" dev="tmpfs" ino=9248 scontext=u:r:watchdogd:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0
avc: denied { write } for pid=166 comm="healthd" name="kmsg" dev="tmpfs" ino=9248 scontext=u:r:healthd:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0
avc: denied { write } for pid=180 comm="vold" name="kmsg" dev="tmpfs" ino=9248 scontext=u:r:vold:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0
These denials were triggered by the change in
https://android-review.googlesource.com/151209 . Prior to that change,
any code which called klog_init would (unnecessarily) create the
device node themselves, rather than using the already existing device
node.
Drop special /dev/__null__ handling from watchdogd. As of
https://android-review.googlesource.com/148288 , watchdogd no longer
creates it's own /dev/null device, so it's unnecessary for us
to allow for it.
Drop mknod from healthd, slideshow, and watchdogd. healthd and slideshow
only needed mknod to create /dev/__kmsg__, which is now obsolete.
watchdogd only needed mknod to create /dev/__kmsg__ and /dev/__null__,
which again is now obsolete.
Bug: 21242418
Change-Id: If01c8001084575e7441253f0fa8b4179ae33f534
2015-06-06 16:42:37 +02:00
|
|
|
# Write to /dev/kmsg
|
|
|
|
allow healthd kmsg_device:chr_file rw_file_perms;
|
2013-06-03 23:09:54 +02:00
|
|
|
|
2016-01-27 20:19:34 +01:00
|
|
|
# Read access to pseudo filesystems.
|
|
|
|
r_dir_file(healthd, sysfs)
|
|
|
|
|
Allow /dev/klog access, drop mknod and __null__ access
Allow vold, healthd, slideshow, and watchdogd access to /dev/kmsg.
These processes log to the kernel dmesg ring buffer, so they need
write access to that file.
Addresses the following denials:
avc: denied { write } for pid=134 comm="watchdogd" name="kmsg" dev="tmpfs" ino=9248 scontext=u:r:watchdogd:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0
avc: denied { write } for pid=166 comm="healthd" name="kmsg" dev="tmpfs" ino=9248 scontext=u:r:healthd:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0
avc: denied { write } for pid=180 comm="vold" name="kmsg" dev="tmpfs" ino=9248 scontext=u:r:vold:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0
These denials were triggered by the change in
https://android-review.googlesource.com/151209 . Prior to that change,
any code which called klog_init would (unnecessarily) create the
device node themselves, rather than using the already existing device
node.
Drop special /dev/__null__ handling from watchdogd. As of
https://android-review.googlesource.com/148288 , watchdogd no longer
creates it's own /dev/null device, so it's unnecessary for us
to allow for it.
Drop mknod from healthd, slideshow, and watchdogd. healthd and slideshow
only needed mknod to create /dev/__kmsg__, which is now obsolete.
watchdogd only needed mknod to create /dev/__kmsg__ and /dev/__null__,
which again is now obsolete.
Bug: 21242418
Change-Id: If01c8001084575e7441253f0fa8b4179ae33f534
2015-06-06 16:42:37 +02:00
|
|
|
allow healthd self:capability { net_admin sys_tty_config };
|
2014-05-23 22:33:32 +02:00
|
|
|
wakelock_use(healthd)
|
2013-11-04 15:53:46 +01:00
|
|
|
allow healthd self:netlink_kobject_uevent_socket create_socket_perms;
|
|
|
|
binder_use(healthd)
|
2013-12-14 07:19:45 +01:00
|
|
|
binder_service(healthd)
|
2013-11-04 15:53:46 +01:00
|
|
|
binder_call(healthd, system_server)
|
2014-01-28 01:15:00 +01:00
|
|
|
|
2014-03-11 13:51:42 +01:00
|
|
|
# Write to state file.
|
|
|
|
# TODO: Split into a separate type?
|
|
|
|
allow healthd sysfs:file write;
|
|
|
|
|
2016-06-14 22:41:47 +02:00
|
|
|
# TODO: added to match above sysfs rule. Remove me?
|
|
|
|
allow healthd sysfs_usb:file write;
|
|
|
|
|
2016-01-05 23:32:54 +01:00
|
|
|
allow healthd sysfs_batteryinfo:file r_file_perms;
|
|
|
|
|
2014-01-28 01:15:00 +01:00
|
|
|
###
|
|
|
|
### healthd: charger mode
|
|
|
|
###
|
|
|
|
|
2014-07-19 18:43:22 +02:00
|
|
|
# Read /sys/fs/pstore/console-ramoops
|
|
|
|
# Don't worry about overly broad permissions for now, as there's
|
|
|
|
# only one file in /sys/fs/pstore
|
|
|
|
allow healthd pstorefs:dir r_dir_perms;
|
|
|
|
allow healthd pstorefs:file r_file_perms;
|
|
|
|
|
2014-01-28 01:15:00 +01:00
|
|
|
allow healthd graphics_device:dir r_dir_perms;
|
|
|
|
allow healthd graphics_device:chr_file rw_file_perms;
|
|
|
|
allow healthd input_device:dir r_dir_perms;
|
|
|
|
allow healthd input_device:chr_file r_file_perms;
|
2014-03-11 13:51:42 +01:00
|
|
|
allow healthd tty_device:chr_file rw_file_perms;
|
2014-01-28 01:15:00 +01:00
|
|
|
allow healthd ashmem_device:chr_file execute;
|
|
|
|
allow healthd self:process execmem;
|
2014-03-17 18:02:06 +01:00
|
|
|
allow healthd proc_sysrq:file rw_file_perms;
|
|
|
|
allow healthd self:capability sys_boot;
|
2014-07-07 22:56:27 +02:00
|
|
|
|
2016-03-14 20:21:18 +01:00
|
|
|
allow healthd batteryproperties_service:service_manager { add find };
|
2014-07-07 22:56:27 +02:00
|
|
|
|
2014-06-17 23:30:14 +02:00
|
|
|
# Healthd needs to tell init to continue the boot
|
|
|
|
# process when running in charger mode.
|
2015-05-05 03:22:45 +02:00
|
|
|
set_prop(healthd, system_prop)
|